VYPR

Mediawiki CSS Extension

by Wikimedia Foundation

CVEs (9)

  • CVE-2025-32078MedApr 11, 2025
    risk 0.45cvss epss 0.00

    Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Version Compare Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Version Compare Extension: from 1.39 through 1.43.

  • CVE-2025-32075MedApr 11, 2025
    risk 0.45cvss epss 0.00

    Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Tabs Extension allows Code Injection.This issue affects Mediawiki - Tabs Extension: from 1.39 through 1.43.

  • CVE-2026-39839MedApr 7, 2026
    risk 0.40cvss 6.1epss 0.00

    Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.

  • CVE-2025-62655LowOct 17, 2025
    risk 0.14cvss epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo extension allows SQL Injection.This issue affects MediaWiki Cargo extension: 1.39, 1.43, 1.44.

  • CVE-2024-47841Oct 5, 2024
    risk 0.02cvss epss 0.34

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from…

  • CVE-2026-22710Jan 8, 2026
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39.

  • CVE-2026-0669Jan 7, 2026
    risk 0.00cvss epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39.

  • CVE-2025-53500Jul 3, 2025
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X…

  • CVE-2024-47845Oct 5, 2024
    risk 0.00cvss epss 0.00

    Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.